VIRUS - Changing IP Address

M

Momtoysj

Some viruses were recently accidentally downloaded on my laptop. We kept
getting a pop up window, exclamation mark in yellow saying we had viruses, my
husband accidentally clicked on it and then we were taken to some "VIRUS
removal" website. I tried to delete the files, ran some virus software, that
says the virus was found but can't be cleaned, so it's only moved to another
area. This has also affected our internet, MSN connection, when I try to
sign on to MSN Messenger, i get an error saying "incorrect IP address" or
something along those lines. When I try to launch internet explorer, the
home page has been changed to "about:blank". At one point I was able to just
type in a different web page, ie google.ca and it was okay, but now the
internet doesn't go anywhere. How do I go about change the IP address so I
can get back on the internet???? Please help. Thank you.
Nicki
 
M

Malke

Momtoysj wrote:
> Some viruses were recently accidentally downloaded on my laptop. We kept
> getting a pop up window, exclamation mark in yellow saying we had viruses, my
> husband accidentally clicked on it and then we were taken to some "VIRUS
> removal" website. I tried to delete the files, ran some virus software, that
> says the virus was found but can't be cleaned, so it's only moved to another
> area. This has also affected our internet, MSN connection, when I try to
> sign on to MSN Messenger, i get an error saying "incorrect IP address" or
> something along those lines. When I try to launch internet explorer, the
> home page has been changed to "about:blank". At one point I was able to just
> type in a different web page, ie google.ca and it was okay, but now the
> internet doesn't go anywhere. How do I go about change the IP address so I
> can get back on the internet???? Please help. Thank you.
> Nicki

You need to clean up your computer first. Simply changing the IP address
will not do it.

Go through these general malware removal steps systematically -
http://www.elephantboycomputers.com/page2.html#Removing_Malware

Include scanning with David Lipman's Multi_AV and follow instructions to
do all scans in Safe Mode. Please see the special Notes regarding using
Multi_AV in Vista.

http://www.elephantboycomputers.com/page2.html#Multi-AV - instructions
http://www.pctipp.ch/downloads/sicherheit/35905/multi_av_scanning_tool.html

The site is in German but David's tool is in English so don't let that
worry you. Scroll all the way down to almost the bottom of the page and
you'll see a box titled "Infos Zum Download - Multi-AV Scanning Tool".
You'll see "Download von www pctipp.ch" and the live link to download
Multi_AV.

You can also check to see if there are targeted removal steps for your
malware here:
Bleeping Computer removal how-to's -
http://www.bleepingcomputer.com/forums/forum55.html

When all else fails, run HijackThis and post your log in one of the
specialty forums listed at the first link above (not here, please).

Not all tools used will work in Vista and you will need to run them
elevated. Since Vista is so new, it will be a while before removal
techniques and tools are developed. If you are unable to remove the
infection by following the general steps, register at one of the
HijackThis forums as suggested.

Standard caveat: If the procedures look too complex - and there is no
shame in admitting this isn't your cup of tea - take the machine to a
professional computer repair shop (not your local version of
BigComputerStore/GeekSquad). Please be aware that not all local shops
are skilled at removing malware and even if they are, your computer may
be so infested that Windows will need to be clean-installed. Have all
your data backed up before you take the machine into a shop.


Malke
--
Elephant Boy Computers
www.elephantboycomputers.com
"Don't Panic!"
MS-MVP Windows - Shell/User
 
M

Momtoysj

Thanks. I know I have to clean the computer first but I'm not sure I can
even get on the internet to run the stuff you indicate. As mentioned when I
launch internet explorer I just get the blank screen and can't go anywhere
else. Yes this does sound a little bit much, perhaps not my cup of tea and I
may just have to bring it in somewhere, but I'll try if I can get on the
internet or do you know a magic way of doing it? If I change the IP address
will I at least be able to get to the internet to perform the clean up as you
suggested or will changing the IP address do nothing until it's cleaned up?
I've heard I can change the IP address (maybe) by turning off the the
cable/dsl modem for a while and in many cases this will change the IP
address. Your thoughts and help is appreciated. Thanks.


"Malke" wrote:

> Momtoysj wrote:
> > Some viruses were recently accidentally downloaded on my laptop. We kept
> > getting a pop up window, exclamation mark in yellow saying we had viruses, my
> > husband accidentally clicked on it and then we were taken to some "VIRUS
> > removal" website. I tried to delete the files, ran some virus software, that
> > says the virus was found but can't be cleaned, so it's only moved to another
> > area. This has also affected our internet, MSN connection, when I try to
> > sign on to MSN Messenger, i get an error saying "incorrect IP address" or
> > something along those lines. When I try to launch internet explorer, the
> > home page has been changed to "about:blank". At one point I was able to just
> > type in a different web page, ie google.ca and it was okay, but now the
> > internet doesn't go anywhere. How do I go about change the IP address so I
> > can get back on the internet???? Please help. Thank you.
> > Nicki
>
> You need to clean up your computer first. Simply changing the IP address
> will not do it.
>
> Go through these general malware removal steps systematically -
> http://www.elephantboycomputers.com/page2.html#Removing_Malware
>
> Include scanning with David Lipman's Multi_AV and follow instructions to
> do all scans in Safe Mode. Please see the special Notes regarding using
> Multi_AV in Vista.
>
> http://www.elephantboycomputers.com/page2.html#Multi-AV - instructions
> http://www.pctipp.ch/downloads/sicherheit/35905/multi_av_scanning_tool.html
>
> The site is in German but David's tool is in English so don't let that
> worry you. Scroll all the way down to almost the bottom of the page and
> you'll see a box titled "Infos Zum Download - Multi-AV Scanning Tool".
> You'll see "Download von www pctipp.ch" and the live link to download
> Multi_AV.
>
> You can also check to see if there are targeted removal steps for your
> malware here:
> Bleeping Computer removal how-to's -
> http://www.bleepingcomputer.com/forums/forum55.html
>
> When all else fails, run HijackThis and post your log in one of the
> specialty forums listed at the first link above (not here, please).
>
> Not all tools used will work in Vista and you will need to run them
> elevated. Since Vista is so new, it will be a while before removal
> techniques and tools are developed. If you are unable to remove the
> infection by following the general steps, register at one of the
> HijackThis forums as suggested.
>
> Standard caveat: If the procedures look too complex - and there is no
> shame in admitting this isn't your cup of tea - take the machine to a
> professional computer repair shop (not your local version of
> BigComputerStore/GeekSquad). Please be aware that not all local shops
> are skilled at removing malware and even if they are, your computer may
> be so infested that Windows will need to be clean-installed. Have all
> your data backed up before you take the machine into a shop.
>
>
> Malke
> --
> Elephant Boy Computers
> www.elephantboycomputers.com
> "Don't Panic!"
> MS-MVP Windows - Shell/User
>
 
T

Tom [Pepper] Willett

Changing the IP address will have no effect. Your machine is compromised,
not your IP address.

"Momtoysj" <Momtoysj@discussions.microsoft.com> wrote in message
news:DEF060E1-6FB8-42E8-BBAB-0E578AA02255@microsoft.com...
| Thanks. I know I have to clean the computer first but I'm not sure I can
| even get on the internet to run the stuff you indicate. As mentioned when
I
| launch internet explorer I just get the blank screen and can't go anywhere
| else. Yes this does sound a little bit much, perhaps not my cup of tea
and I
| may just have to bring it in somewhere, but I'll try if I can get on the
| internet or do you know a magic way of doing it? If I change the IP
address
| will I at least be able to get to the internet to perform the clean up as
you
| suggested or will changing the IP address do nothing until it's cleaned
up?
| I've heard I can change the IP address (maybe) by turning off the the
| cable/dsl modem for a while and in many cases this will change the IP
| address. Your thoughts and help is appreciated. Thanks.
|
|
| "Malke" wrote:
|
| > Momtoysj wrote:
| > > Some viruses were recently accidentally downloaded on my laptop. We
kept
| > > getting a pop up window, exclamation mark in yellow saying we had
viruses, my
| > > husband accidentally clicked on it and then we were taken to some
"VIRUS
| > > removal" website. I tried to delete the files, ran some virus
software, that
| > > says the virus was found but can't be cleaned, so it's only moved to
another
| > > area. This has also affected our internet, MSN connection, when I try
to
| > > sign on to MSN Messenger, i get an error saying "incorrect IP address"
or
| > > something along those lines. When I try to launch internet explorer,
the
| > > home page has been changed to "about:blank". At one point I was able
to just
| > > type in a different web page, ie google.ca and it was okay, but now
the
| > > internet doesn't go anywhere. How do I go about change the IP address
so I
| > > can get back on the internet???? Please help. Thank you.
| > > Nicki
| >
| > You need to clean up your computer first. Simply changing the IP address
| > will not do it.
| >
| > Go through these general malware removal steps systematically -
| > http://www.elephantboycomputers.com/page2.html#Removing_Malware
| >
| > Include scanning with David Lipman's Multi_AV and follow instructions to
| > do all scans in Safe Mode. Please see the special Notes regarding using
| > Multi_AV in Vista.
| >
| > http://www.elephantboycomputers.com/page2.html#Multi-AV - instructions
| >
http://www.pctipp.ch/downloads/sicherheit/35905/multi_av_scanning_tool.html
| >
| > The site is in German but David's tool is in English so don't let that
| > worry you. Scroll all the way down to almost the bottom of the page and
| > you'll see a box titled "Infos Zum Download - Multi-AV Scanning Tool".
| > You'll see "Download von www pctipp.ch" and the live link to download
| > Multi_AV.
| >
| > You can also check to see if there are targeted removal steps for your
| > malware here:
| > Bleeping Computer removal how-to's -
| > http://www.bleepingcomputer.com/forums/forum55.html
| >
| > When all else fails, run HijackThis and post your log in one of the
| > specialty forums listed at the first link above (not here, please).
| >
| > Not all tools used will work in Vista and you will need to run them
| > elevated. Since Vista is so new, it will be a while before removal
| > techniques and tools are developed. If you are unable to remove the
| > infection by following the general steps, register at one of the
| > HijackThis forums as suggested.
| >
| > Standard caveat: If the procedures look too complex - and there is no
| > shame in admitting this isn't your cup of tea - take the machine to a
| > professional computer repair shop (not your local version of
| > BigComputerStore/GeekSquad). Please be aware that not all local shops
| > are skilled at removing malware and even if they are, your computer may
| > be so infested that Windows will need to be clean-installed. Have all
| > your data backed up before you take the machine into a shop.
| >
| >
| > Malke
| > --
| > Elephant Boy Computers
| > www.elephantboycomputers.com
| > "Don't Panic!"
| > MS-MVP Windows - Shell/User
| >
 
N

Newell White

One way malware can intefere with your internet access is by modifying the file
C:\windows\system32\drivers\etc\hosts

Before you do anything else, write down the 'Modified' date/time of this
file - this may indicate when

infection occurred, vital for locating the malware files.

Unless you have modified it yourself, Yours should look like this:

# Copyright (c) 1993-1999 Microsoft Corp.
#
# This is a sample HOSTS file used by Microsoft TCP/IP for Windows.
#
# This file contains the mappings of IP addresses to host names. Each
# entry should be kept on an individual line. The IP address should
# be placed in the first column followed by the corresponding host name.
# The IP address and the host name should be separated by at least one
# space.
#
# Additionally, comments (such as these) may be inserted on individual
# lines or following the machine name denoted by a '#' symbol.
#
# For example:
#
# 102.54.94.97 rhino.acme.com # source server
# 38.25.63.10 x.acme.com # x client host

127.0.0.1 localhost
--
Newell White


"Momtoysj" wrote:

> Thanks. I know I have to clean the computer first but I'm not sure I can
> even get on the internet to run the stuff you indicate. As mentioned when I
> launch internet explorer I just get the blank screen and can't go anywhere
> else. Yes this does sound a little bit much, perhaps not my cup of tea and I
> may just have to bring it in somewhere, but I'll try if I can get on the
> internet or do you know a magic way of doing it? If I change the IP address
> will I at least be able to get to the internet to perform the clean up as you
> suggested or will changing the IP address do nothing until it's cleaned up?
> I've heard I can change the IP address (maybe) by turning off the the
> cable/dsl modem for a while and in many cases this will change the IP
> address. Your thoughts and help is appreciated. Thanks.
>
>
> "Malke" wrote:
>
> > Momtoysj wrote:
> > > Some viruses were recently accidentally downloaded on my laptop. We kept
> > > getting a pop up window, exclamation mark in yellow saying we had viruses, my
> > > husband accidentally clicked on it and then we were taken to some "VIRUS
> > > removal" website. I tried to delete the files, ran some virus software, that
> > > says the virus was found but can't be cleaned, so it's only moved to another
> > > area. This has also affected our internet, MSN connection, when I try to
> > > sign on to MSN Messenger, i get an error saying "incorrect IP address" or
> > > something along those lines. When I try to launch internet explorer, the
> > > home page has been changed to "about:blank". At one point I was able to just
> > > type in a different web page, ie google.ca and it was okay, but now the
> > > internet doesn't go anywhere. How do I go about change the IP address so I
> > > can get back on the internet???? Please help. Thank you.
> > > Nicki
> >
> > You need to clean up your computer first. Simply changing the IP address
> > will not do it.
> >
> > Go through these general malware removal steps systematically -
> > http://www.elephantboycomputers.com/page2.html#Removing_Malware
> >
> > Include scanning with David Lipman's Multi_AV and follow instructions to
> > do all scans in Safe Mode. Please see the special Notes regarding using
> > Multi_AV in Vista.
> >
> > http://www.elephantboycomputers.com/page2.html#Multi-AV - instructions
> > http://www.pctipp.ch/downloads/sicherheit/35905/multi_av_scanning_tool.html
> >
> > The site is in German but David's tool is in English so don't let that
> > worry you. Scroll all the way down to almost the bottom of the page and
> > you'll see a box titled "Infos Zum Download - Multi-AV Scanning Tool".
> > You'll see "Download von www pctipp.ch" and the live link to download
> > Multi_AV.
> >
> > You can also check to see if there are targeted removal steps for your
> > malware here:
> > Bleeping Computer removal how-to's -
> > http://www.bleepingcomputer.com/forums/forum55.html
> >
> > When all else fails, run HijackThis and post your log in one of the
> > specialty forums listed at the first link above (not here, please).
> >
> > Not all tools used will work in Vista and you will need to run them
> > elevated. Since Vista is so new, it will be a while before removal
> > techniques and tools are developed. If you are unable to remove the
> > infection by following the general steps, register at one of the
> > HijackThis forums as suggested.
> >
> > Standard caveat: If the procedures look too complex - and there is no
> > shame in admitting this isn't your cup of tea - take the machine to a
> > professional computer repair shop (not your local version of
> > BigComputerStore/GeekSquad). Please be aware that not all local shops
> > are skilled at removing malware and even if they are, your computer may
> > be so infested that Windows will need to be clean-installed. Have all
> > your data backed up before you take the machine into a shop.
> >
> >
> > Malke
> > --
> > Elephant Boy Computers
> > www.elephantboycomputers.com
> > "Don't Panic!"
> > MS-MVP Windows - Shell/User
> >
 
M

Malke

Momtoysj wrote:
> Thanks. I know I have to clean the computer first but I'm not sure I can
> even get on the internet to run the stuff you indicate. As mentioned when I
> launch internet explorer I just get the blank screen and can't go anywhere
> else. Yes this does sound a little bit much, perhaps not my cup of tea and I
> may just have to bring it in somewhere, but I'll try if I can get on the
> internet or do you know a magic way of doing it? If I change the IP address
> will I at least be able to get to the internet to perform the clean up as you
> suggested or will changing the IP address do nothing until it's cleaned up?
> I've heard I can change the IP address (maybe) by turning off the the
> cable/dsl modem for a while and in many cases this will change the IP
> address. Your thoughts and help is appreciated. Thanks.

You don't *want* to get on the Internet with that machine! You need to
clean it up before putting it on any network. Removing viruses and
malware should be done in Safe Mode *without* Networking. Read the
instructions at the links I already gave you. You need to get all
tools/updates from a different, known-clean machine and either put them
on a usb key or burn a CD to use on the infected machine.

Changing the IP address will *not* get you on the Internet. If you don't
have access to another clean machine and/or don't have the technical
skills to remove all infections, take the machine to a computer repair shop.

The only alternative to going through the malware removal tediously and
systematically, probably with online help from an HJT forum, and taking
the machine to a real professional is to back up your data and do a
clean install of Windows. It's your call.


Malke
--
Elephant Boy Computers
www.elephantboycomputers.com
"Don't Panic!"
MS-MVP Windows - Shell/User
 
You must log in or register to reply here.

Similar threads

S
When my computer either wakes up from sleep, or when the IP address is automatically refreshed after release, my computer loses connection to the Inte
Replies
0
Views
32
Stephen Bennett2
S
D
my IP address was use without my knowledge. I'm unable to use my laptop there a message on my laptop which prevents me from clicking it off
Replies
0
Views
32
Denesha Williamson
D
D
my IP address was use without my knowledge. I'm unable to use my laptop there a message on my laptop which prevents me from clicking it off
Replies
0
Views
28
Denesha Williamson
D
D
Cannot connect to computers I can see on the network
Replies
0
Views
13
dvdb72660
D
D
VIRUS DEV HOME
Replies
0
Views
25
Duboc42
D
Back
Top Bottom